General

  • Target

    JaffaCakes118_1c840df2b59fd35fd79d81d69d448b2c

  • Size

    1.7MB

  • Sample

    250704-ye4xfsxxet

  • MD5

    1c840df2b59fd35fd79d81d69d448b2c

  • SHA1

    3c9c768e28c8165121136feb1c97c084239b0226

  • SHA256

    c88a6c38b4ec66ef09c788dd83470bb74ce108fd9855697e85a684778ffc1455

  • SHA512

    f0d562e4e56f2de38cc5f73ad9c2be201689b1db2f08263c6244ddd7e7dda147acd2c045cbdac3ad6f33a69827ad425ee076abfab4c406f8707fea5ea240d14f

  • SSDEEP

    49152:IeZEgSg87VsWiAxIgBbCi/S8wm68OPB4Ozgd5ZT/eFwjC8:IHy+LBbr/pfOPyFN/eFwe8

Malware Config

Targets

    • Target

      JaffaCakes118_1c840df2b59fd35fd79d81d69d448b2c

    • Event Triggered Execution: Component Object Model Hijacking

      Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects. The usual form is an InprocServer32 (or LocalServer32) value written under HKCU\Software\Classes\CLSID\{CLSID}: the user hive is merged into HKEY_CLASSES_ROOT ahead of HKLM, so a user-writable entry takes precedence over the machine-wide registration and the attacker's DLL is loaded whenever that CLSID is instantiated. When triaging, look for HKCU CLSID entries that shadow an HKLM entry, especially ones whose server path lies in a user-writable directory.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall, its WOW6432Node counterpart and the HKCU equivalent) to enumerate installed software. This is a discovery step; the DisplayName values it reads are commonly used to spot security products or analysis tooling.

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules that Internet Explorer loads as plugins at startup. They are COM objects registered by CLSID under HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects, so a dropped DLL registered there gains code execution inside the browser process every time it starts, which makes the entry both a persistence and a browser-tampering indicator.
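The three registry-based behaviours flagged above (COM hijacking, Uninstall-key enumeration and BHO registration) can be triaged from a registry export taken during analysis. The script below is an added example and is not part of the report or of the analysed sample: it parses a constructed .reg-style export (embedded inline, with made-up CLSIDs and paths) and reports user-hive CLSIDs that shadow a machine-wide registration, resolves each registered BHO to the DLL the COM loader would actually pick, and lists the software an Uninstall-key scan would see. The registry paths are the real ones; the sample data and function names are assumptions for illustration.

```python
"""Triage a .reg-style export for COM hijacks, BHO registrations and
installed-software enumeration. Added example; sample data is constructed."""
import re

# Constructed export: one CLSID registered machine-wide in System32 and then
# shadowed in HKCU by a DLL in the user's profile, which is also registered
# as a BHO. None of this comes from the analysed sample.
SAMPLE_REG = r"""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AAAA0001-0000-0000-0000-000000000001}\InprocServer32]
@="C:\\Windows\\System32\\legit.dll"
"ThreadingModel"="Apartment"

[HKEY_CURRENT_USER\Software\Classes\CLSID\{AAAA0001-0000-0000-0000-000000000001}\InprocServer32]
@="C:\\Users\\victim\\AppData\\Roaming\\evil.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BBBB0002-0000-0000-0000-000000000002}\InprocServer32]
@="C:\\Windows\\System32\\shell32.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AAAA0001-0000-0000-0000-000000000001}]
"NoExplorer"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CCCC0003-0000-0000-0000-000000000003}]
"DisplayName"="Example AV Suite"
"DisplayVersion"="1.2.3"
"""

CLSID_RE = re.compile(
    r"^(HKEY_CURRENT_USER|HKEY_LOCAL_MACHINE)\\SOFTWARE\\Classes\\CLSID\\"
    r"(\{[0-9A-F-]+\})\\InprocServer32$", re.IGNORECASE)
BHO_RE = re.compile(
    r"^HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\"
    r"Explorer\\Browser Helper Objects\\(\{[0-9A-F-]+\})$", re.IGNORECASE)
UNINSTALL_RE = re.compile(
    r"^HKEY_(?:LOCAL_MACHINE|CURRENT_USER)\\SOFTWARE\\(?:WOW6432Node\\)?"
    r"Microsoft\\Windows\\CurrentVersion\\Uninstall\\([^\\]+)$", re.IGNORECASE)


def parse_reg(text):
    """Parse a .reg-style export into {key: {value_name: data}}.
    '@' is the key's default value; quoted string data is unescaped."""
    entries, key = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
            entries.setdefault(key, {})
            continue
        if key is None or "=" not in line:
            continue
        name, data = line.split("=", 1)
        name, data = name.strip().strip('"'), data.strip()
        if data.startswith('"') and data.endswith('"'):
            data = data[1:-1].replace("\\\\", "\\").replace('\\"', '"')
        entries[key][name] = data
    return entries


def collect_servers(entries):
    """Map {hive: {CLSID: InprocServer32 default value}} for both hives."""
    servers = {"HKEY_CURRENT_USER": {}, "HKEY_LOCAL_MACHINE": {}}
    for key, values in entries.items():
        m = CLSID_RE.match(key)
        if m and "@" in values:
            servers[m.group(1).upper()][m.group(2).upper()] = values["@"]
    return servers


def find_com_hijacks(entries):
    """Every CLSID served from the user hive, as (clsid, user_dll, machine_dll).
    A non-None machine_dll means the HKCU entry shadows a machine-wide one."""
    servers = collect_servers(entries)
    return [(clsid, dll, servers["HKEY_LOCAL_MACHINE"].get(clsid))
            for clsid, dll in sorted(servers["HKEY_CURRENT_USER"].items())]


def find_bhos(entries):
    """Resolve each registered BHO to (clsid, dll, hive) using the loader's
    search order: HKCU\\Software\\Classes first, then HKLM."""
    servers = collect_servers(entries)
    hits = []
    for key in sorted(entries):
        m = BHO_RE.match(key)
        if not m:
            continue
        clsid = m.group(1).upper()
        for hive in ("HKEY_CURRENT_USER", "HKEY_LOCAL_MACHINE"):
            if clsid in servers[hive]:
                hits.append((clsid, servers[hive][clsid], hive))
                break
        else:
            hits.append((clsid, None, None))  # registered but no server found
    return hits


def list_installed_software(entries):
    """What an Uninstall-key scan sees: sorted (DisplayName, DisplayVersion)."""
    found = [(v.get("DisplayName", ""), v.get("DisplayVersion", ""))
             for k, v in entries.items() if UNINSTALL_RE.match(k) and "DisplayName" in v]
    return sorted(found)


if __name__ == "__main__":
    reg = parse_reg(SAMPLE_REG)
    for clsid, user_dll, machine_dll in find_com_hijacks(reg):
        tag = "SHADOWS " + machine_dll if machine_dll else "user-only"
        print(f"COM hijack candidate {clsid}: {user_dll} ({tag})")
    for clsid, dll, hive in find_bhos(reg):
        print(f"BHO {clsid} -> {dll} (from {hive})")
    for name, version in list_installed_software(reg):
        print(f"Installed: {name} {version}")
```

A user-hive InprocServer32 is not proof of compromise on its own (some per-user installers legitimately register there), so the output is ranked by whether the entry shadows an HKLM registration and whether the DLL lives under the user profile; the same logic applies to a live system if the export is replaced by a `reg export` of the two hives.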

MITRE ATT&CK Enterprise v16

Tasks